-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Christopher J. PeBenito wrote: > On Fri, 2007-11-09 at 11:25 -0500, Stephen Smalley wrote: >> On Fri, 2007-11-02 at 15:58 -0400, Daniel J Walsh wrote: >>> Also added translations of booleans to command line. >>> >>>> /usr/sbin/semanage boolean -l | grep nfs_export >>>> nfs_export_all_rw -> off Allow nfs to be exported read/write. >>>> nfs_export_all_ro -> on Allow nfs to be exported read only >>>> sh-3.2# /usr/sbin/semanage boolean -l | grep nfs >>>> xen_use_nfs -> off Allow xen to manage nfs files > [...] >>>> nfs_export_all_ro -> on Allow nfs to be exported read only >>> >>> This time with the patch. :^) >> Offhand, the only problem I see it that semanage boolean -l then fails >> if /usr/share/selinux/devel/policy.xml doesn't exist, rather than just >> falling back to displaying the untranslated booleans. >> >> Also, is /usr/share/selinux/devel/policy.xml created by upstream >> refpolicy or is it Fedora-specific? > > The infrastructure for building a policy.xml from the headers is > installed by upstream, but the policy.xml from refpolicy is not > installed. This allows 3rd parties to add their headers and then a > policy.xml can be built to include their module. Installing a > policy.xml there is a fedora-specific thing. > If I want to rebuild it after an interface file gets installed or want to add my own xml to it, what do I need to do? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFHNLlNrlYvE4MpobMRAn/RAJ4y28V9+rWAyMGHHPrfMxB4wJkZBwCfb4FE k6KJbDFjCm/b4scaLCmxTwE= =HzOo -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
